The Privacy Policy was updated on August 15, 2022. The protection of your privacy is a top priority for us at ZainTech. As we are committed to protect our customers’ information, we consider it important to be transparent by providing details on what data we collect, what it is used for, and how we safeguard your privacy and interests. This policy explains how we use your information and how we keep it safe.
This Privacy Policy is applicable to personally identifiable information (hereinafter referred to as “Personal Data” and detailed below) collected, processed, stored and used when you visit our website, use our services, or otherwise interact with us during the course of our relationship.
By using the services of the ZainTech, you agree to our terms of processing your Personal Data which you provide to us in accordance with this policy. In some cases, particularly if you reside in a country which is governed by a data protection regulation, we may ask you to provide consent for you to access our services. Please also note that our site contain links to other sites not owned or controlled by us and we are not responsible for the privacy practices of those sites. Privacy choices you may have made on third-party sites or platform will not apply to us or our use of Personal Data. We encourage you to be aware of the privacy practices of other sites that may collect your Personal Data.
Personal Data is any data that can be used by itself to uniquely identify, contact, or locate a person, or can be used with information available from other sources to uniquely identify an individual.
When you use/ subscribe to ZainTech services, visit our website or interact with us through various channels such as purchases, account registrations, interact with customer care, through calls or chats or online forms, we may collect a variety of information.
Below are three ways in which we collect this information.
The information that we collect from you will help in better processing of your requests where applicable. It will never be sold to any third party for their own marketing purposes without your express permission in writing unless it is used on an aggregated basis for statistical and research purpose without any information which can be used to identify you.
We use your information to:
We adopt best practices and standards in line with international standard ISO/IEC 27001, to include, technical, operational, managerial and physical security controls to protect your personal information from unauthorized access, or disclosure while it is under our control.
ZainTech will maintain the privacy and confidentiality of all information collected for the duration it is under ZainTech’s control. Such information may only be disclosed when required by law or when in good faith we believe that such action is necessary or desirable to comply with the law, protect or defend the rights or property of ZainTech, this site or its users. Information may also be disclosed to authorized third parties (service providers, joint venture partners, ect.) for legitimate business requirements, to help us provide you with the products and services and efficiently serve you . ZainTech shall ensure due care and diligence to ensure confidentiality of information entrusted with such parties.
ZainTech shall retain information as per business need and as applicable laws, regulations, or government orders require. When we dispose of information, we use industry best practices for disposal procedures.
We have security teams who constantly review and improve technical and organizational measures to protect your information in our systems from unauthorized access, accidental loss, disclosure or destruction.
You are entitled to certain legal rights in relation to the personal information that we hold about you.
You have the right to make a request for a copy of the personal data that is held with ZainTech. To make this request as an individual or an enterprise customer, please contact our Customer Services team.
You have the right to have information held about you corrected if it is not accurate. If what we hold on you needs updating, or you think it may be inaccurate, you can contact us through our website by pressing on “contact us” button or contact our Customer Services team.
You have the right to restrict processing your data, however exercising this right may not enable ZainTech to fulfil your service requests and ensure service performance.
You have the right to be able to take with you the personal data you provided to us in certain circumstances, whenever it is permitted by law. In order to do this, you can contact us through our website by pressing on “contact us” button or contact our Customer Services team.
You have the right to object to receive marketing messages from ZainTech by choosing to opt out of all marketing communications or only selected methods (e.g. email, SMS, MMS, phone or post).
You have the right of your data not being subject to a decision based on automated processing and profiling, however, exercising this right may not enable ZainTech to design and promote products and services tailored to your needs.
ZainTech shall strive to only process and retain your data for as long as we need to. In certain circumstances you have the right to request that we erase personal data of yours that we hold. If you feel that we are retaining your data longer than we need, it is worth first checking that your contract with ZainTech has been terminated, which you can do with Customer Services. For more information on retention periods, refer to section in this Privacy Policy called ‘Data Retention’.
Our website uses cookies to enhance your user experience. If you wish to understand more about what these are? We encourage you to review our 'Cookies’ section of this Privacy policy.
Like any other website, ZainTech’s website may use “cookies” and other technologies such as pixel tags to optimize your browsing experience. Cookies are small text files which a website may put on your computer or mobile device when you first visit a site or page and helps to analyze how well the website is performing. It will also help in recognizing your device when you re-visit the website. These cookies will not collect any information when you are not accessing the website and can be deleted at any time by you.
A website uses different cookies to improve the user experience:
Throughout this policy you may come across various terms and technical jargons that are used to describe our stance on privacy matters.
Your opinion matters to us – if you have any questions/complaints about our privacy policy, you can direct your questions at: info@zaintech.com. All information provided to ZainTech will be treated as confidential. Our call centers, support chats and online forms are also available among other channels to contact ZainTech for questions and comments.
Necessary information required from you will be submitted to us without any obligation. In the event where you fail to provide the requested information to us, we will not able to process the request placed by you. This information will help in better processing of your requests where applicable.
With the swift and fast developing services, ZainTech reserves the right to change the Privacy Policy or Terms & Conditions when necessary. The policy shall be updated on an annual basis and when needed, in accordance with regulations.
In addition to the above mentioned, please refer to the applicable region-specific privacy information below:
This section supplements the information in our Privacy Policy above and applies solely to Bahrain residents and Personal Data collected, processed, stored and used in connection with users access or use of ZainTech’s services and site in accordance to the Bahrain's Personal Data Protection Law (Law no. 30 0f 2018) (PDPL) as well as Bahrain’s The Cloud Computing Services Law No. 56 of 2018.
As per Personal Data Protection Law (Law no. 30 0f 2018) (PDPL) “Personal Data” includes any information of any form relating to an identified or identifiable individual, either directly or indirectly, particularly through his/her personal ID number or one or more of his/her physical, physiological, intellectual, cultural or economic characteristics or social identity. To determine whether an individual is identifiable, all means used by, or that may be available to, the data manager or any other person should be considered.
We collect and process your Personal Data only when we have valid consent obtained from you. We will process your data without your consent only for the following cases:
We will only process relevant, enough, and not excessive data in view of the purpose of the collection or subsequent processing.
In case of breach of your personal data, we will notify the relevant authority as required under PDPL, which can further investigate the incident and can notify you of the breach.
We respect your privacy and are committed to protecting the personally identifiable information that you provide, in connection with your use of our site. We take enough technical and organizational measures capable of protecting data against unintentional or unauthorized destruction, accidental loss, unauthorized alteration, disclosure or access, or any other form of processing. Wherever your data is processed by data processor, we ensure that:
We will process the personal data only in a form where data owner cannot be identified. Once the purpose of processing is over, we will archive your data for historical, statistical or scientific research purpose and same will be kept in an anonymized way.
We may transfer your data outside Bahrain only in the following cases:
We are using PBX cloud services for operations related to personal data. In case of any judgment or order issued from a foreign authority in connection with your data, we will inform you about the same.
This section supplements the information in our Privacy Policy above and applies solely to Kuwait residents and Personal Data collected, processed, stored and used in connection with users’ access or use of ZainTech’s services and site in accordance with Kuwait’s E-Transaction Law, Data Privacy Protection Regulation (CITRA Resolution No. 42 of 2021) and CITRA Cloud Computing Regulation
As per Data Privacy Protection Regulation (CITRA Resolution No. 42 of 2021) and CITRA Cloud Computing Regulation, Personal Data means
As per CITRA Cloud Computing Regulation, Special categories of personal data mean private data related to race, origin, religion, sect, philosophical beliefs, political or membership opinions (unions or associations of public benefit) or data related to health and genetic and vital data.
We collect and process your Personal Data only when we have valid consent obtained from you. In case if you are person below age of 18, we will process your data only after collecting consent from your parents. We may obtain a consent to process your personal data from the person authorized by you. We will only process the data for the purposes which are listed in this privacy policy. In case if data is used for purposes other than the mentioned in this policy, we will inform you about the same. We are collecting your data using the means which are defined in this policy.
We respect your privacy and are committed to protecting the personally identifiable information that you provide, in connection with your use of our site. We take enough technical and organizational measures capable of protecting the personal data and information against loss, damage, disclosure, replacement with incorrect data or information, or addition of untrue information. Such technical measures include but not limited to
We may transfer your data outside Kuwait only when we have obtained consent from you, or the person authorized by you to do so. We will also inform you in case we want to transfer your data outside Kuwait. For the data which is stored on our private cloud, we will not transfer to any public or hybrid cloud.
We are only collecting relevant data which is required to fulfil defined purpose of processing and will always keep your data up to date.
We will immediately notify CITC as well as you in case of any breach of your personal data.
This section supplements the information in our Privacy Policy above and applies solely to Saudi Arabia residents and Personal Data collected, processed, stored and used in connection with Users access or use of ZainTech’s services and site in accordance with Saudi Arabia’s General Principles for Personal Data Protection and CITC’s Cloud Computing Regulatory Framework 2018 and the Personal Data Protection Law of 2021.
As per Saudi Arabia’s Personal Data Protection Law of 2021, Personal Data means “any element of data, regardless of source or form whatsoever, which independently or when combined with other available information could lead to the identification of a person including but not limited to: first name and last name, Saudi national ID number, addresses, phone, number, bank account number, credit card number, health data, images or videos of that person."
As per CITC’s Cloud Computing Regulatory Framework 2018
Cloud Computing Service Provider (CSP): Any legal person who provides one or more of the cloud computing services of all types detailed above to subscribers of cloud computing services and may own a center or data centers that they manage partially or completely and use them to provide cloud computing services, directly or indirectly, through
Cloud Computing Subscriber (Subscriber): An individual, government entity, or private company who uses cloud computing services by purchasing those services from a cloud computing service provider under a cloud computing contract.
We make sure that your data collection and processing shall be done in a lawful and in a transparent manner. We will only collect data that is necessary and required for the purpose specified in this Privacy Policy, and collect and process your personal data only when we obtain your express consent, except in the event that the processing is in your real interest subject and contact with you is impossible or difficult to achieve or in the case where the processing is under the applicable laws and regulations or in implementation of a previous agreement in which you are a party in.
We will process your data stored on the cloud only as per our Agreement.
We will retain your personal data only till it fulfills the purpose mentioned in this privacy policy and in accordance with approved instructions received by the Communications and Information Technology Commission (referred to as ‘CITC’). We will retain such data in a form where data owner cannot be identified.
We will not transfer your personal data outside of KSA unless in the case of extreme necessity to preserve your life or your vital interests, or to prevent, examine or treat a disease, or if in implementation of an obligation under which KSA is a party, or to serve the interests of KSA or for any other purposes determined by the applicable law and regulations of the KSA.
The above is still predicated upon complying with the following conditions:
the transfer or disclosure does not prejudice national security or the vital interests of KSA;
there are sufficient guarantees for preserving the confidentiality of your Personal Data to be transferred or disclosed, so that the standards are not less than the standards in the applicable law and regulations;
the transfer or disclosure must be limited to the minimum Personal Data needed; and
the competent authorities approve the transfer or disclosure, as determined by the applicable laws and regulations.
However, the competent authority may exempt, on a case-by-case basis, the personal data from being bound by these conditions if the transfer does not prejudice national security or the vital interests of KSA; if the competent authority, jointly or severally with other parties, determines that the Personal Data will have an acceptable level of protection outside of KSA; and the Personal Data is not Sensitive Data.
We will immediately notify you as well as the competent authorities case of any breach of your personal data.
We will develop and implement a privacy program to maintain personal data protection, where we will develop, document, implement, and enforce policies and procedures for maintaining your data privacy. In addition, we will obtain approval from CITC for this data protection plan, and we will also regularly report this program’s activities to CITC to ensure utmost safety for your data. Further, we will make sure confidentiality, integrity and availability of your data stored on cloud is ascertained based on the data classification levels issued by National Data Management Office or Regulatory Supervisory Authority. Further, we will develop cyber-security and data protection safeguards for your data stored on cloud to protect it while storing, processing, transmitting or outsourcing.
In addition to the data subjects’ rights mentioned in the main section of this notice, you have following right:
This includes informing you of the legal or practical justification for collecting your personal data, and the purpose of that collection, and not to process your data later in a manner inconsistent with the purpose of its collection or in cases other than those stipulated in the applicable laws and regulations.
This includes the right to review and obtain a copy of your personal data in a clear format and conforming to the content of the records, free of charge, in accordance with what is determined by the applicable laws and regulations.
If what we hold on you needs updating, or you think it may be inaccurate, you can contact us on our website by pressing on the “contact us” to update it or contact our Customer Services team.
You can contact us in order to destroy your personal data we hold if it is no longer needed.
The following cases are excluded:
If all means of knowing who the owner of these data is, are removed, in accordance with the limits provided by the applicable laws and regulations.
If there is a legal justification that necessitates keeping it for a specific period, in which case it shall be destroyed after the expiry of this period or the purpose of its collection, whichever latest.
If your personal data is closely connected to a case before a judicial authority and its retention is required for this purpose, in this case it shall be destroyed after the completion of the judicial proceedings for this case.
This section supplements the information in our Privacy Policy above and applies solely to Jordan residents and Personal Data collected, processed, stored and used in connection with Users access or use of ZainTech’s services and site in accordance with Jordan’s Cloud (Platforms & Services) Policy 2020
In case we need to transfer your data stored on cloud to other Cloud Service Provider, we will obtain written approval from you and we will also sign NDA with other Cloud Service Provider to ensure security of your data
We will develop information and network security controls to protect cloud systems and data to avoid unauthorized access and violations of data. We will implement required technical and security controls and measures such as encryption or anonymization to protect data, whether data is stored or being transferred.
In addition to the data subjects’ rights mentioned in the main section of this notice, you have following right:
You have the right to retrieve your information we stored about you on the cloud platform.
We will immediately notify you as well as Telecommunication Regulatory Commission (TRC) and the Ministry in case of any breach of your personal data or any technical defect that occurs to the provided services in accordance with the contract and SLA.
This section supplements the information in our Privacy Policy above and applies solely to United Arab Emirates residents and Personal Data collected, processed, stored and used in connection with Users access or use of ZainTech’s services and site in accordance with The UAE Federal Decree-Law No. 45 of 2021 Regarding the Protection of Data Protection, The Federal Law No. 15 of 2020 on Consumer Protection, Federal Law No. 5 of 2012 on Combatting Cybercrimes and its amendment by the Federal Law No. 12 of 2016 and Federal Law No. 1 of 2006 on Electronic Commerce and Transactions.
As per UAE Data Protection Law, “Personal Data” is defined as any data relating to an identified natural person, or one who can be identified directly or indirectly by way of linking data, using identifiers such as name, voice, picture, identification number, online identifier, geographic location, or one or more special features that express the physical, psychological, economic, cultural or social identity of such person. It also includes Sensitive Personal Data and Biometric Data.
“Sensitive Personal Data” is defined as any data that directly or indirectly reveals a natural person's family, racial origin, political or philosophical opinions, religious beliefs, criminal records, biometric data, or any data related to the health of such person, such as his/her physical, psychological, mental, genetic or sexual condition, including information related to health care services provided thereto that reveals his/her health status.
“Biometric Data” is defined as Personal Data resulting from Processing, using a specific technique, relating to the physical, physiological or behavioral characteristics of a Data Subject, which allows or confirms the unique identification of the Data Subject, such as facial images.
We will collect and process your Personal Data in a fair, transparent and lawful manner where the Personal Data will be collected for a specific and clear purpose and will not be processed at any subsequent time in a manner incompatible with that purpose. However, Personal Data may be processed if the purpose of Processing is similar or close to the purpose for which such data is collected.
Appropriate measures and procedures will be in place to ensure erasure or correction of incorrect Personal Data. Personal Data will be kept securely and protected from any breach, infringement, or illegal or unauthorized Processing by establishing and applying appropriate technical and organizational measures and procedures in accordance with the laws and legislation in force in this regard.
Personal Data may not be kept after fulfilling the purpose of Processing thereof. It may only be kept in the event that the identity of the Data Subject is anonymized using the “Anonymization” feature.
In case of breach of your personal data, we will notify you as well as the relevant authority as required under UAE Data Protection Law.
We shall put in place sufficient technical and organizational measures to protect and secure Personal Data, preserve its confidentiality and privacy, and ensuring that such personal data is not breached, destroyed or altered.
We may transfer your personal data can to countries approved by the Data Office as having an “adequate level of protection”. These cover countries that either have data protection legislation in place or where the specific country has acceded to bilateral or multilateral agreements relating to the protection of personal data.
This section supplements the information in our Privacy Policy above and applies solely to Iraq residents and Personal Data collected, processed, stored and used in connection with Users access or use of ZainTech’s services and site in accordance with the relevant laws in Iraq.
In case we need to transfer your data stored on cloud to other Cloud Service Provider, we will obtain written approval from you and we will also sign NDA with other Cloud Service Provider to ensure security of your data
We will develop information and network security controls to protect cloud systems and data to avoid unauthorized access and violations of data. We will implement required technical and security controls and measures such as encryption or anonymization to protect data, whether data is stored or being transferred.
In addition to the data subjects’ rights mentioned in the main section of this notice, you have following right:
You have the right to retrieve your information we stored about you on the cloud platform.
We will immediately notify you as well as the relevant authorities in Iraq case of any breach of your personal data.
